I guess my osint skills are trash because I just don’t get what I am supposed to do. I found some stuff based on what i found in the HTML source and I have tried all the shells I have found based on my google search but i just get 404. Can someone help me out?
I guess my osint skills are trash because I just don’t get what I am supposed to do. I found some stuff based on what i found in the HTML source and I have tried all the shells I have found based on my google search but i just get 404. Can someone help me out?
I’m a beginner. Not able to ssh w**a**** without a password. Any tips?
If you are that user, is there something you can add that will let you in without a password? Though I would save it for later, you can do all (or almost all depending on your final vector) without SSH, just pivoting off the initial foothold session.
ROOTED ??
This machine was frustrating at times but ended up being pretty simple. Overall I liked it and had fun. Learned a new way to priv esc and learned about the Message of The Day.
Nudges
Foothold: OSINT
User: Check what you have privs to run as someone else
Root: Check to see what you have write access to
root@traceback:~# whoami
root
root@traceback:~# id
uid=0(root) gid=0(root) groups=0(root)
root@traceback:~#
but…the root flag is not working
Might have something to do with this HTB News | Integrity of Hack The Box. Don’t hold me to it though. I rooted earlier today and it accepted my root flag
root@traceback:~# whoami
root
root@traceback:~# id
uid=0(root) gid=0(root) groups=0(root)
root@traceback:~#
but…the root flag is not working
Might have something to do with this HTB News | Integrity of Hack The Box. Don’t hold me to it though. I rooted earlier today and it accepted my root flag
i have a feeling that is the issue, but i copied and pasted the key within seconds, no reset between or something.
root@traceback:~# whoami
root
root@traceback:~# id
uid=0(root) gid=0(root) groups=0(root)
root@traceback:~#
but…the root flag is not working
Might have something to do with this HTB News | Integrity of Hack The Box. Don’t hold me to it though. I rooted earlier today and it accepted my root flag
i have a feeling that is the issue, but i copied and pasted the key within seconds, no reset between or something.
After a reset I rooted the box again and the new key worked.
how do you edit 00-****** to put a script or something??? and does own**.msg have anything to do with anything? I have an ssh shell and I’m just lost here
I’m a beginner. Not able to ssh w**a**** without a password. Any tips?
It depends what you’ve done and what you are trying to do.
In general, with SSH, you can bypass password authentication if you have generated authentication keys and your public key is stored in the correct location on the server.
i have a feeling that is the issue, but i copied and pasted the key within seconds, no reset between or something.
I’ve been confused by this. I rooted the box on Sunday and I redid it twice today (once before a reset and once after). All three times had the same flag.
how do you edit 00-****** to put a script or something??? and does own**.msg have anything to do with anything? I have an ssh shell and I’m just lost here
There are lots of ways you can edit a file in linux (vim is a good one to try). You dont have to use a text editor to add contents or replace the contents of a file.
i have a feeling that is the issue, but i copied and pasted the key within seconds, no reset between or something.
I’ve been confused by this. I rooted the box on Sunday and I redid it twice today (once before a reset and once after). All three times had the same flag.
maybe this was just before they activated the new rolling flags.